package com.g8.pethospitallearnbackend.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
public class SecurityConfig {

    /**
     * 创建BCryptPasswordEncoder注入容器
     * @return
     */
    @Bean
    public BCryptPasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * SpringSecurity 5.4.x以上新用法配置
     * 为避免循环依赖，仅用于配置HttpSecurity
     * 帮助文档https://www.soinside.com/question/pNwqEF8DXw5BwbinMYFhD6
     * Created by macro on 2022/5/19.
     */
    @Bean
    SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.authorizeHttpRequests(auth -> auth
                .requestMatchers("/**")
                .permitAll().requestMatchers("/self/emailverify/**").permitAll()
                .requestMatchers("/self/signin").permitAll()
                .anyRequest().authenticated()
        );
        httpSecurity.csrf(httpSecurityCsrfConfigurer -> httpSecurityCsrfConfigurer.disable());
        //省略HttpSecurity的配置
        return httpSecurity.build();
    }




}

